AT&T Wireless Launches Developer Portal for MPx200


Robert Levy
11-20-2003, 05:24 PM
http://www.geekzone.co.nz/click_thru_content.asp?ContentId=1852&URL=https%3A%2F%2Fwww%2Eattwireless%2Ecom%2Fdeveloper%2Fmembership%2FddpLogin%2Ejhtml

Are you a developer looking into targeting the MPx200 Smartphone on the AT&T Wireless network? Good news! They've expanded their "devCentral" portal with a bunch of links, information, and even some sample code snippets for the MPx200. Registration is free, but it's really only valuable for developers. The most interesting thing I found while glancing over this site is a description of the security model that AT&T Wireless has chosen for the MPx200:

"Some carriers have chosen to lock down devices, preventing any non-certified module from running on the phone. For these phones, you will need to contact each carrier to find how to certify your applications and DLLs. Unlike Smartphone devices from other carriers, AT&T Wireless has chosen not to restrict access to privileged APIs that would require modules to get a signed certificate in order to run on a device. This means that you are free to develop and download applications to any Smartphone from AT&T Wireless right out of the box as they appear as fully trusted modules. Other Smartphone providers provision their phones so that they require a certificate before running on their phones. If you want your applications to run on both AT&T Wireless Smartphones and those from other carriers that enforce certification requirements, you will be required to get your module signed for the other carrier phones. Having a certificate from another provider will not prevent the application from running on a Smartphone from AT&T Wireless."

The PocketTV Team
11-24-2003, 01:55 AM
> The most interesting thing I found while glancing over this site is a description of the security model that AT&T Wireless has chosen for the MPx200

Well we already knew that, it was posted on another well-informed popular Poland-based Smartphone site (that we are unfortunately forbidden to mention on this forum).

But AT&T still do not say why they allow unrestricted access to the privileged API's on the MPx200 (therefore opening the door to data snooping, viruses and many other possible security issues).

Robert Levy
11-24-2003, 04:25 AM
> Well we already knew that, it was posted on another well-informed popular Poland-based Smartphone site (that we are unfortunately forbidden to mention on this forum).

First of all, nobody said you can't mention other sites here... go for it. We chose to refrain from posting a link to what was written on msmobiles because he was claiming that this was a major security problem - an analysis that we consider to be inaccurate. Andy and I both emailed you privately saying so a while back.

> But AT&T still do not say why they allow unrestricted access to the privileged API's on the MPx200 (therefore opening the door to data snooping, viruses and many other possible security issues).

Well I think that's pretty obvious from what I quoted... To make life easier for developers and end users.

Is the MPx200 less secure than other Smartphones? Yes. But let's put this in context before overreacting: Is it less secure than any Pocket PC, Pocket PC Phone Edition device? No. Have there ever been any Pocket PC or Pocket PC Phone Edition viruses seen in the wild? No.

The PocketTV Team
11-24-2003, 11:15 AM
> First of all, nobody said you can't mention other sites here... go for it. We chose to refrain from posting a link to what was written on msmobiles because he was claiming that this was a major security problem - an analysis that we consider to be inaccurate. Andy and I both emailed you privately saying so a while back.

I know and I still disagree with you on that point. I think this will prove to be a major security headache. Just wait and see. When people realize that their personal data is not secured at all and can be accessed and transmitted on the network without their knowledge, they will be outraged. Today we know it is possible and even easy to do that, but no application has taken advantage of this. Just wait until it happens...

> Well I think that's pretty obvious from what I quoted... To make life easier for developers and end users.

From what we heard from another wireless carrier, the reason is other.

> Is the MPx200 less secure than other Smartphones? Yes. But let's put this in context before overreacting: Is it less secure than any Pocket PC, Pocket PC Phone Edition device? No. Have there ever been any Pocket PC or Pocket PC Phone Edition viruses seen in the wild? No.

Pocket PCs are not connected permanently, so the security risk is much lower. We know that PPC Phone Edition are not secure, but they will have a market share much smaller than Smartphones, and probably much smaller than just the MPx200 alone. You know that viruses and trojans tend to develop faster for platforms that are connected to the network and have a large number of users.

We just need to wait and we'll see who is right regarding what you call our "over-reacting"...

dboling
11-25-2003, 12:12 AM
>>Just wait and see. When people realize that their personal data
>>is not secured at all and can be accessed and transmitted on the network
>>without their knowledge, they will be outraged.

This data can be queried and transmitted regardless of how the phone is secured. The only way to prevent this is for the phone to be configured not to accept any 3rd party apps.

The trust model in Windows CE is related to device stability, not to data security. An 'untrusted' application can still access the file system and the connection manager functions.

The ATTWS choice enables any developer to create apps for the phone without having to go through a 3rd party vetting service. It is, and always will be, the responsibility of the user to install apps from known companies or to not install 3rd party apps at all.

The PocketTV Team
11-26-2003, 05:41 PM
> This data can be queried and transmitted regardless of how the phone is secured. The only way to prevent this is for the phone to be configured not to accept any 3rd party apps.

That's absolutely incorrect.

Access to the SIM, to the operator's network, and all other "privileged" API's normally require a privileged certificate, which is issued by the wireless carrier, only to developers that are approved and trusted by the carrier.

On the MPx200, any application has access to those privileged API's, without the need for a privileged certificate.

> The trust model in Windows CE is related to device stability, not to data security.

I'm sorry to tell you, but that's absolutely not true. If this was true, could you explain why access to the SIM is privileged? Reading data from the SIM cannot in any way compromise the stability of the device.

Security is not only geared at improving device stability, but also at improving data security and reducing the risk of having viruses etc.

> An 'untrusted' application can still access the file system and the connection manager functions.

Applications need to use privileged API to access the phone API, the SIM and various other API's related to data security.

> The ATTWS choice enables any developer to create apps for the phone without having to go through a 3rd party vetting service.

ATT did not need to open privileged API's in order to do that.

And apparently you are not very well informed, even though you appear to work for ATT. Getting a "regular" Smartphone certificate for signing non-privileged applications is a simple formality that does not require code certification etc. Any developer can obtain one, no questions asked, from Geotrust.

> It is, and always will be, the responsibility of the user to install apps from known companies or to not install 3rd party apps at all.

I know this sentence is part of the official statement of ATT answering the MPx200 "security hole" issue.

Of course, the user should be responsible. But frankly I would vastly prefer to have a phone that I know has a certain level of safety built-in, so that I know that my confidential information (e.g. contacts) cannot be snooped upon by any application that I install on the phone, unless they are explicitly allowed to do that (by the operator).

I'm not saying I prefer the high level of security used by European operators like Orange. But frankly I don't understand why privileged API's should be allowed to everyone. I agree that some of the privileged API's should not be privileged, but that's something Microsoft should fix. For example, access to the processor type, the device unique id, etc., should not be privileged. But that's a different issue.

Anyway, we'll all see how this story develops...